VULN_PUA_GIGABYTE_Driver_Jul22_1

Rule Info

Name
VULN_PUA_GIGABYTE_Driver_Jul22_1
Description
Detects a vulnerable GIGABYTE driver sometimes used by malicious actors to escalate privileges
Date
2022-07-25
Score
65
Tags
['VULN', 'DEMO']
Minimum Yara
1.7
Author
Florian Roth
Av Ratio
14.9
Rule Hash
023c30063d5ff1142a2ac72e7998c38e
Required Modules
[]

Antivirus Verdicts

Rating
Number of Samples
Malicious (>= 10 engines)
4
Suspicious (< 10 engines)
6
Clean (0 engines)
4

Rule Matches

Hash
Total
Timestamp
Positives
VT
0ace89d391960816d725175df73f71c0cfd281725b9d7044f9389b1bb243f188
70
2022-08-19 09:14:30
24
270c9fd5babba5f2eb38c0454427c7b7075068212b57a0b04ecb4f93be8c2a37
70
2022-08-19 09:14:30
2
5682a7bb7f2e5a442ad3d7cd273fce20c5b7af6230c8ed9cbca537bfd26fd217
70
2022-07-26 15:19:45
1
0629f2fbd09608e28f5c3fca15e3be9b4d4ef4d0b50544f179a32b070bb48824
70
2022-07-26 15:14:06
0
3943b82326308382d994f1b5cba82326303b81b29cccac5537155be964ffaa72
70
2022-07-26 15:03:25
0
583b66dd26607b777f08be3e6d88fc2f07cff3da3b911e6e10553304ae0c0bcc
69
2022-07-26 13:06:35
16
8655c51c38cca9a7c84d542e00b87a484170e6e38abaf6182dbb8d1d7b30c494
71
2022-07-26 11:38:06
42
a62b2531cdf865f4452a4e39570f8f5a71c1fb4a133818568aa6d5928c7f3689
71
2022-07-26 11:27:30
46
447c2fed25339a1248afb7050745e5715592f819a585046a940f065b926d2760
69
2022-07-26 10:42:49
1
6f1fc8287dd8d724972d7a165683f2b2ad6837e16f09fe292714e8e38ecd1e38
71
2022-07-26 10:31:09
6
9f0195455dcaf5f5ee3b46f46989b171cf012962f4db08036faa31c133addf62
68
2022-07-25 12:31:01
4
301079280788e85ae7e999f7f4968d1fc367dcb73147d1f5925c301a5ff3d6ae
70
2022-07-25 11:07:26
0
7a81496d162ea7e09d6f18d4935efc611087469c8ee909cc836b22bec93330f1
70
2022-07-25 11:06:55
5
31f4cfb4c71da44120752721103a16512444c13c2ac2d857a7e6f13cb679b427
69
2022-07-25 11:06:38
0

Rule Matches per Month (last 24 months)